Infosec
Upcoming SlideShare
Loading in...5
×
 

Infosec

on

  • 1,207 views

 

Statistics

Views

Total Views
1,207
Views on SlideShare
1,182
Embed Views
25

Actions

Likes
1
Downloads
7
Comments
0

1 Embed 25

http://channel.n.cat-hackers.net 25

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Infosec Infosec Presentation Transcript

  • InfoSec Ahmad Aabed
  • Why InfoSec???  Nobody is perfect.  World is digitalized.  We are “System engineers,Programmers,Database administrators,Web developers”  At least we are “users”
  • Sniffing  Sniffer:computer software or computer hardware that can intercept and log traffic passing over a network or part of a network.  Depending on the network structure (hub or switch).
  • Spoofing  Is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.  “URL spoofing and phishing,Dns spoofing,Arp spoofing,MITM,E-mail address spoofing,Ip spoofing,Mac Spoofing”
  • E-mail spoofing  Describes e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source.
  • DNS spoofing  Is the art of making a DNS entry to point to an another IP than it would be supposed to point to.  DNS Cache Poisoning.  DNS ID Spoofing.  Birthday Paradox.
  • ARP spoofing  Faking the ARP message.  Associates the attacker's MAC address with the IP address of another machine.  Any traffic meant for that IP address would be mistakenly sent to the attacker.
  • Phishing  Attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity.  often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
  • IP spoofing  The creation of IP packets with a spoofed source IP address with the purpose of concealing the identity of another machine.
  • MAC Spoofing  ifconfig eth0 down hw ether 00:00:00:00:00:00  Allows the bypassing of access control lists on servers or routers,
  • MITM  Attack in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other.
  • Session hijacking  Refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
  • Dos attacks  Is an attempt to make a computer resource unavailable to its intended users.  prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.  saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic.
  • Dos attacks (cont)  ICMP flood (Smurf attack”Reflected attack”,Ping flood,Ping of death).  SYN flood.  login/logout.  Distributed attack.  Prevented by (switches,routers,firewall,ips).
  • Buffer overflow  Is an anomaly where a process stores data in a buffer outside the memory the programmer set aside for it.  1-overflow an input field, command-line argument, or input buffer.  2-overflow the current return address on the stack with address of the exploit code loaded in step 3.  3-write a simple set of code for the next space in the stack that includes attacker commands.
  • Exploits  Apiece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic.  Metasploit.  Coreimpact.
  • SQL injection  Is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters  “select * from `users` where `username` = '$userName' and `password` = '$password'”  What if user has entered his username as: ' + 1 = 1. Query where clause will be true, which will authenticate user in.
  • Password attacks  Bruteforce.  Dictionary.
  • DEMOS